Tuesday, 2 June 2015

How to spy on someone's iPhone easily

So you grew suspicious about your significant other's behavior of late. She covers her iPhone's screen every time you take a glance at it, and nervously reaches out for her smartphone every other minute as if waiting for a message.

What's going on, and what websites does she visit, you wonder. There is an easy way to learn that for free; and neither jail-breaking is required, nor spyware install needed. The only thing you'll need is a very short-term access to the iPhone in question - to change its DNS setting. Once you've managed to get hold of her phone, quickly (you might want to rehearse this in advance) do the following:

  • go to Settings, find Wi-Fi, 
  • tap the circled i
  • scroll down to DNS section, 
  • tap the four-numbered IP Address, and 
  • change it to 208.67.222.222 or 208.67.220.220 (these are DNS servers belonging to OpenDNS.com)

Changing iPhone DNS setting

OpenDNS.com is a free website access logging service. After you change the DNS server IP, the phone's owner would suspect nothing: it would be working as perfectly as ever, only her every website access is now logged by OpenDNS.com.

Next, create a free OpenDNS.com account.

Then you need to register your home network with your OpenDNS account.

If your home LAN has a dynamic IP, you'll also need to install OpenDNS' automatic IP updater client on a home system, e.g. on your own notebook or "main" home PC:
OpenDNS dynamic IP changer


In about two to three hours after you complete those steps OpenDNS will give you the first precious data:




In addition to raw URL list sorted by access frequency, OpenDNS produces spreadsheet files in *.csv format with the same URLs categorized. The service divides its URL list into pages, and for every page it produces a separate CSV-file. This is not very convenient.

To filter the URL list and make more sense out of it, you can use the free OpenDNS Log Processor, which can read a bunch of OpenDNS CSV files at once. It is an open source program written in Lazarus/Free Pascal. The Win32 binary of the Log Processor can be downloaded here, while the sources are under this link. In theory, the source could be easily recompiled for Linux, Mac OS X or other platforms supported by Free Pascal as it contains no platform-specific code. A sample config file is included along with the executable.

The workflow is as follows:

  • you wake up in the morning, login to your OpenDNS account here
  • choose the date range from yesterday to today, and 
  • download all the *.csv files into a folder by clicking the corresponding icon and Next several times.




Then you may either:

  • move the CSV files to OpenDNS Log Processor folder, and run the program manually or
  • run a batch file that looks something like this (modified according to your setup):

REM == start opendnslogfilter_GUI.bat ==

del /q c:\opendnslog\*.csv
move /y c:\downloads\*.csv c:\opendnslog\
c:\opendnslog\opdns_gui.exe

REM ==  end opendnslogfilter_GUI.bat  ==


This one will, line by line:

  • clean opdns_gui working folder from yesterday's CSVs;
  • move in new freshly downloaded ones; and 
  • run opdns_gui.exe to sort them out.




Right away, in the third column you can see "alert" URLs (included in [AlertInclude] section of the opdns_gui config file) she accessed during the last day; in the leftmost column - any URLs categorised by OpenDNS; and in the middle one - the full list of URLs with various advertising and technical addresses filtered out.

Whenever you want to slim the middle column down even more, you can open Config Editor by clicking the [>>] button, copy something into the [FilteredExclude] section, and press [Save] to save the updated config and reread the CSVs. Easy and clear. Just note that all strings in the config file's sections are treated as substrings by the program; i.e., when you put PORN in a section, the log processor searches for all strings that contain the word.



The same spying trick could be applied to a home PC if you change its DNS settings, to an Android device, or to all devices in a home LAN if you modify your router's parameters accordingly. 

2 comments:

  1. This comment has been removed by the author.

    ReplyDelete
  2. This comment has been removed by a blog administrator.

    ReplyDelete